Configuration file
This is the default mfadmin configuration file.
###################
##### STARTUP #####
###################
[startup]
# If flag=0, block the start of the module
flag=1
#######################
##### AUTORESTART #####
#######################
[autorestart]
# If flag=1, then the autorestart feature is on
flag=1
################
##### MISC #####
################
[misc]
# Max coredumps size (value for `ulimit -c`;
# if core_size=-1, `ulimit -c` is not set)
core_size=0
# tmp sub-directory (${MFMODULE_RUNTIME_HOME}/tmp) cleaning
# 0 => no automatic cleaning
# x => clean files/directories older than x days
tmp_max_age=2
###############
##### LOG #####
###############
[log]
# Log minimal level
# DEBUG => everything,
# INFO => everything but not DEBUG,
# WARNING => everything but not DEBUG and INFO,
# ERROR => everything but not DEBUG, INFO and WARNING,
# CRITICAL => everything but not DEBUG, INFO, WARNING AND ERROR
minimal_level=INFO
# Duplicate some log messages in JSON to a specific file (for external
# monitoring tool)
# If json_file value is :
# null => the feature is desactivated
# AUTO => the feature is desactivated (because it's not necessary anymore
# since 1.2 version)
json_file=null
# Minimal level for this json log file
# DEBUG => everything,
# INFO => everything but not DEBUG,
# WARNING => everything but not DEBUG and INFO,
# ERROR => everything but not DEBUG, INFO and WARNING,
# CRITICAL => everything but not DEBUG, INFO, WARNING AND ERROR
# Note: you can't send more messages to json log file than the configured global
# minimal_level level (so also change the value of minimal_level key in
# these uncommon use-cases)
json_minimal_level=WARNING
# Send some log files to mfadmin
# null => the feature is desactivated
# AUTO => the feature is activated if [admin]/hostname != null
mfadmin_flag=AUTO
# Minimal level for mfadmin send
# DEBUG => everything,
# INFO => everything but not DEBUG,
# WARNING => everything but not DEBUG and INFO,
# ERROR => everything but not DEBUG, INFO and WARNING,
# CRITICAL => everything but not DEBUG, INFO, WARNING AND ERROR
# Note: you can't send more messages to mfadmin than the configured global
# minimal_level level (so also change the value of minimal_level key in
# these uncommon use-cases)
mfadmin_minimal_level=WARNING
# Maximum number of rotated files to keep
number_of_rotated_files=5
# Max age of a log file before rotation (in seconds)
# Default: 86400 (24H)
max_age_before_rotation=86400
# Max size of a log file before rotation (in bytes)
# Default: 104857600 (100 MB)
max_size_before_rotation=104857600
# chmod on log files
# Default : 0644
chmod=0644
# Try to split stdout/stderr in distinct log files (when it's possible)
# (1 => split, 0 => don't split)
try_to_split_stdout_stderr=0
# Try to split multiple workers in distinct log files (when it's possible)
# (1 => split, 0 => don't split)
try_to_split_multiple_workers=0
##################
##### VECTOR #####
##################
[vector]
# UDP port used by vector syslog server (for mflog logs)
mflog_port = 5146
##################
##### CIRCUS #####
##################
[circus]
# You don't have to change this
endpoint=ipc://{{MFMODULE_RUNTIME_HOME}}/var/circus.socket
pubsub_endpoint=ipc://{{MFMODULE_RUNTIME_HOME}}/var/circus_pubsub.socket
####################
##### INFLUXDB #####
####################
[influxdb]
# Internal Influxdb port
port=18088
# Public InfluxDB HTTP port
http_port=18086
################
##### LDAP #####
################
[ldap]
# if flag=1, use LDAP for authentification
flag=0
# internal port for LDAP authentification (not exposed)
port=27156
# use this user for connecting to LDAP server (bind operation)
# (if empty => connect anonymously)
bind_who=
# bind password (see bind_who key)
bind_pass=
# ldap url
url=ldap://yourldapserver:port
# ldap search base
base=ou=people,dc=example,dc=com
# if starttls=1 => use STARTTLS protocol option
starttls=0
###################
##### GRAFANA #####
###################
[grafana]
# grafana admin password (length must be > 4)
# (you have to restart the module if you change it)
admin_password=admin
# If you want to serve grafana behind a reverse proxy
# set the proxied public url here
# (null => no reverse proxy and automatic configuration with
# root_url = http://{{MFHOSTNAME_FULL}}:{{MFADMIN_NGINX_PORT}}/grafana)
reverse_proxy_root_url = null
# smtp options
# if host = null, the smtp service is disabled
smtp_host = null
smtp_user =
smtp_password =
smtp_cert_file =
smtp_key_file =
smtp_from_name = Grafana
smtp_from_address = admin@grafana.localhost
smtp_skip_verify = true
smtp_ehlo_identity =
##########################
##### ELASTICSEARCH ######
##########################
[elasticsearch]
# Public ElasticSearch HTTP POrt
http_port=15603
# Heap Size for ElasticSearch (-Xmx format)
# (1g => 1 GB)
heap_size=1g
# ElasticSearch node name
node_name={{MFHOSTNAME}}
# https://www.elastic.co/guide/en/elasticsearch/reference/current/network.host.html
network_host=0.0.0.0
# indices starting with "mflog-" and "nginx-" are destroyed after {indices_lifetime} days
# -1 => no cleaning
indices_lifetime = 5
###################
##### KIBANA ######
###################
[kibana]
# Public Kibana HTTP Port
http_port=15604
# kibana admin password
# added at nginx level
# (you have to restart the module if you change it)
admin_password=admin
# Encryption keys
# something at least 32 characters
# can be superseded by OPs
xpack_security_encryptionkey=541ca694529ab5916456cc7eb9b8cedfbdb9182fbaadd145
xpack_reporting_encryptionkey=8608cf617b392bd0590a0f97c1745a988192345df5bf8488
################
##### LOKI #####
################
[loki]
# Port used by loki daemon
http_port=13600
http_alert_manager_port=19093
# retention inside loki (in days)
logs_lifetime = 5
#################
##### NGINX #####
#################
[nginx]
# Port of nginx daemon used to protect kibana
port=15605
# Max body size for incoming http requests (in MB)
upload_max_body_size=100
# Number of nginx workers
workers=2
# Default timeout (in seconds)
# You can override this in plugin config.ini
timeout=60
# If logging=0, do not log anything in nginx_access.log
logging=0
# In which tmp directory nginx put big request bodies
clientbody_temp_path=@@@MFMODULE_RUNTIME_HOME@@@/var/nginx2